Is there a way that the audit logs can include the failed password that was used in each attempt? A recent complaint from us to an ISP has yielded in them requesting the full audit log that includes the failed passwords.